New POS Malware MajikPOS Targets Payment Terminals in Canada and USA
One fresh Point-of-Sale (POS) malicious program is aiming attacks on terminal devices within Canada and USA. The POS named MajikPOS carries certain modular design while harbors several Remote Access Trojan (RAT) features, letting cyber-criminals scrutinize and choose the devices they intend for infecting.
Security researchers at Trend Micro detected the malware when they saw it via security scanners unlike ever before near about 28th January, 2017. However, as per recently discovered clues, MajikPOS's infection hit devices during August-November 2016.
MajikPOS' capabilities are identical to POS malware of any other kind; however, it uses a modular approach, which's quite different as well as interesting, for execution. When MajikPOS first spread the time was January-end 2017. Virusguides.com posted this, March 16, 2017.
MajikPOS' moniker follows the name of its CnC system that issues instructions to the malware and receives data from it after MajikPOS steals and uploads the same onto the command-and-control panel.
Perpetrators of MajikPOS access their target devices via the devices' end-points through RDP (Remote Desktop Protocol) and VNC (Virtual Network Computing), both penetrated easily because of their use of usernames and passwords that aren't hard to crack. One more access gateway is the number of RATs already on the system.
A thorough probe by the researchers reveal that the registering outfit of servers of Magic Panel had as well registered several websites that were forums for selling filched payment cards data. Trend Micro informs that these websites provide over 23,400 credit card records for sale at prices ranging from $9-$39. There are also bulk card bunches for sale, with these bunches containing 100, 50 or 25 cards at costs $700, $400 or $250 respectively.
With respect to remaining safe from MajikPOS attacks, in the meantime, the requirement is of chip-and-PN cards that are accurately configured, along with total data encryption that together would make MajikPOS incapable of infecting a device. However, because people all over USA are slow to imbibe VISA, MasterCard and EuroPay payment cards, it is advisable that security scanners be activated to detect already present RATs as well as security of both RDP and VNC assessed.
» SPAMfighter News - 21-03-2017